<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Urban_api extends CI_Controller {
	
	private function ret() {
		redirect( $this->agent->is_referral() ? $this->agent->referrer() : '/' );
	}
	
	private function check_logged($access=URBAN_ACCESS_VIEWER) {
		$this->load->library('user_agent');
		$this->lang->load('api');
		
		switch($access) {
			case URBAN_ACCESS_VIEWER:
				if ($this->user->is_valid())
					return;
			case URBAN_ACCESS_EDITOR: 
				if ($this->user->is_editor())
					return;
			case URBAN_ACCESS_ADMIN :
				if ($this->user->is_admin())
					return;
		};
		error("You must login as a CMS $access to perform this operation",'Access denied',401);
	}

	public function index() {
		$this->load->view('api_doc');
	}

	public function user_insert() {
		$this->check_logged(URBAN_ACCESS_ADMIN);
		
		$email = $this->input->post('email');
		$password = $this->input->post('password');
		$access = $this->input->post('access');
		$active = $this->input->post('active') == 'on';
		
		try {
			$this->user->insert($email,$password,$access,$active);
		} catch (Exception $e) {
			error($e->getMessage(),'Inserting user failed',403);
		}
		$this->ret();
	}
	
	public function user_delete($user_id) {
		$this->check_logged(URBAN_ACCESS_ADMIN);
		try {
			$this->user->delete($user_id);
		} catch (Exception $e) {
			error($e->getMessage(),'Deleting user failed',403);
		}
		$this->ret();
	}
	
	public function user_update($user_id) {
		$this->check_logged(URBAN_ACCESS_ADMIN);

		$email = $this->input->post('email');
		$access = $this->input->post('access');
		$active = $this->input->post('active') == 'on';
		
		try {
			$this->user->update($user_id,$email,$access,$active);
		} catch (Exception $e) {
			error($e->getMessage(),'Updating user failed',403);
		}
		$this->ret();
	}
	
	public function object_insert() {
		$this->check_logged(URBAN_ACCESS_ADMIN);
		
		$name = $this->input->post('name');
		
		$this->load->model('object');
		
		try {
			$this->object->insert($name);
		} catch (Exception $e) {
			error($e->getMessage(),'Inserting object failed',403);
		}
		$this->ret();
	}
	
	public function object_update($object_id) {
		$this->check_logged(URBAN_ACCESS_ADMIN);

		$name = $this->input->post('name');
		
		$this->load->model('object');
		
		try {
			$this->object->update($object_id,$name);
		} catch (Exception $e) {
			error($e->getMessage(),'Updating object failed',403);
		}
		$this->ret();
	}
	
	
	public function object_delete($object_id) {
		$this->check_logged(URBAN_ACCESS_ADMIN);

		$this->load->model('object');
		
		try {
			$this->object->delete($object_id);
		} catch (Exception $e) {
			error($e->getMessage(),'Deleting object failed',403);
		}
		$this->ret();
	}
	
	public function field_insert() {
		$this->check_logged(URBAN_ACCESS_ADMIN);
		
		$this->load->model('field');
		$this->load->model('object');
		
		$object_id = $this->input->post('object_id');
		$name = no_space($this->input->post('name'));
		$type = $this->input->post('type');
		switch(strtolower($name)) {
			case 'created_on':
			case 'modified_on':
			case 'created_by':
			case 'modified_by':
			case 'published':
			case 'category_id':
			case 'tags':
				error("The field name '$name' is reserved by the system and is not allowed",'Inserting new field failed',403);
			default:
		}
		
		try {
			$this->field->insert($object_id,$name,$type);
		} catch (Exception $e) {
			error($e->getMessage(),'Inserting new field failed',403);
		}
		$this->ret();
	}
	
	public function field_update() {
		$this->check_logged(URBAN_ACCESS_ADMIN);
		
		$this->load->model('field');
		$this->load->model('object');
		
		$object_id = $this->input->post('object_id');
		$old_name = $this->input->post('old_name');
		$new_name = no_space($this->input->post('new_name'));
		$type = $this->input->post('type');
		switch(strtolower($new_name)) {
			case 'created_on':
			case 'modified_on':
			case 'created_by':
			case 'modified_by':
			case 'published':
			case 'category_id':
				error("The field name '$new_name' is reserved by the system",'Field name not allowed',403);
			default:
		}
		
		try {
			$this->field->update($object_id,$old_name,$new_name,$type);
		} catch (Exception $e) {
			error($e->getMessage(),'Editing field failed',403);
		}
			
		$this->ret();
	}
	
	public function field_delete($object_id,$name) {
		$this->check_logged(URBAN_ACCESS_ADMIN);
		
		$this->load->model('object');
		$this->load->model('field');
		
		try {
			$this->field->delete($object_id,$name);
		} catch (Exception $e) {
			error($e->getMessage(),'Deleting field failed',403);
		}
		$this->ret();
	}
	
	public function data_delete($object_id,$row_id) {
		$this->check_logged(URBAN_ACCESS_EDITOR);

		$this->load->model('object');
		
		try {
			$this->object->delete_data($object_id,$row_id);
		} catch (Exception $e) {
			error($e->getMessage(),'Deleting data row failed',403);
		}
		$this->ret();
	}
	
	public function data_insert($object_id) {
		$this->check_logged(URBAN_ACCESS_EDITOR);

		$this->load->model('language');
		$this->load->model('object');
		$this->load->model('field');
		
		$data = array();
		$languages = $this->language->get_all();
		$fields = $this->field->get_by_object($object_id);
		foreach ($fields as $field) {
			if ($field->type != 'i18n_string') {
				if ($field->type == 'boolean')
					$data[$field->name] = $this->input->post($field->name)=='on' ? 1 : 0;
				else 
					$data[$field->name] = $this->input->post($field->name);
							} else {
				foreach ($languages as $language) {
					$data[$field->name.'_'.$language->id] = $this->input->post($field->name.'_'.$language->id);
				}
			}
		}
		
		try {
			$row_id = $this->object->insert_data($object_id,$data);
			redirect("objects/$object_id/entries/$row_id");
		} catch (Exception $e) {
			error($e->getMessage(),'Inserting new data row failed',403);
		}
	} 
	
	public function data_update($object_id,$row_id) {
		$this->check_logged(URBAN_ACCESS_EDITOR);

		$this->load->model('language');
		$this->load->model('object');
		$this->load->model('field');
		
		$data = array();
		$languages = $this->language->get_all();
		$fields = $this->field->get_by_object($object_id);
		foreach ($fields as $field) {
			if ($field->type != 'i18n_string') {
				if ($field->type == 'boolean')
					$data[$field->name] = $this->input->post($field->name)=='on' ? 1 : 0;
				else 
					$data[$field->name] = $this->input->post($field->name);
			} else {
				foreach ($languages as $language) {
					$data[$field->name.'_'.$language->id] = $this->input->post($field->name.'_'.$language->id);
				}
			}
		}
		
		try {
			$this->object->update_data($object_id,$row_id,$data);
		} catch (Exception $e) {
			error($e->getMessage(),"Updating data row #$row_id of object #$object_id failed",403);
		}
		$this->ret();
	}
	
	public function data_published($object_id,$row_id) {
		$this->check_logged(URBAN_ACCESS_EDITOR);

		$this->load->model('object');
		
		try {
			$this->object->set_published($object_id,$row_id,$this->input->post('published')=='on');
			redirect("/objects/$object_id/entries/$row_id");
		} catch (Exception $e) {
			error($e->getMessage(),"Updating published status failed for object #$object_id, row $row_id");
		}
	}
	
	public function data_tags($object_id,$row_id) {
		$this->check_logged(URBAN_ACCESS_EDITOR);

		$this->load->model('object');
		
		try {
			$this->object->set_tags($object_id,$row_id,$this->input->post('tags'));
			redirect("/objects/$object_id/entries/$row_id");
		} catch (Exception $e) {
			error($e->getMessage(),"Updating tags failed for object #$object_id, row $row_id");
		}
	}

	public function data_cat($object_id,$row_id) {
		$this->check_logged(URBAN_ACCESS_EDITOR);

		$this->load->model('object');
		
		$cat_id = $this->input->post('cat_id');
		if ($cat_id == 'null') $cat_id = NULL;
		else if (!preg_match('/^\d+$/', $cat_id) )
			error('Category id must be a number','Setting category failed',403);
			
		try {
			$this->object->set_cat($object_id,$row_id,$cat_id);
			redirect("/objects/$object_id/entries/$row_id");
		} catch (Exception $e) {
			error($e->getMessage(),"Updating category failed for object #$object_id, row $row_id");
		}
	}

	public function media_delete($media_id) {
		$this->check_logged(URBAN_ACCESS_EDITOR);
		
		$this->load->model('media');
		try {
			$this->media->delete($media_id);
		} catch (Exception $e) {
			error($e->getMessage(),"Deleting media #$media_id failed",403);
		}
		$this->ret();
		
	}
	
	public function media_captions_update($media_id) {
		$this->check_logged(URBAN_ACCESS_EDITOR);
		
		$this->load->model('media');
		$this->load->model('language');
		
		$captions = array();
		$languages = $this->language->get_all();
		foreach ($languages as $language)
			$captions["caption_$language->id"] = $this->input->post($language->id);
		
		try {
			$this->media->update_captions($media_id,$captions);
		} catch (Exception $e) {
			error($e->getMessage(),"Updating media #$media_id failed",403);
		}
		$this->ret();
	}
	

	public function media_upload($object_id,$row_id) {
		$this->check_logged(URBAN_ACCESS_EDITOR);

		$this->load->model('media');
		$this->load->library('upload');

		if ( $this->upload->do_upload()) {
			$this->media->add($object_id,$row_id,$this->upload->data());
		} else {
			error($this->upload->display_errors('',''),"Uploading file for row #$row_id of object #$object_id failed",403);
		}
		$this->ret();
	}
	
	public function cat_insert() {
		$this->check_logged(URBAN_ACCESS_ADMIN);
		
		$this->load->model('category');
		$this->load->model('language');
		
		//get multilingual cat names
		$names = array();
		$languages = $this->language->get_all();
		foreach ($languages as $language)
			$names[$language->id] = $this->input->post($language->id);

		//get cat parent
		$parent_id = $this->input->post('parent_id');
		if ($parent_id == 'null')
			$parent_id = NULL;
		else if (!preg_match('/^\d+$/', $parent_id) )
			error('Parent id must be a number','Adding category failed',403);
			
		//get color
		$color = $this->input->post('color');
		if (!preg_match('/^[0-9a-fA-F]{6}$/', $color))
			error('Color must be 6 hex characters','Adding category failed',403);
		
		try {
			$this->category->insert($names,$parent_id,$color);
		} catch (Exception $e) {
			error($e->getMessage(),"Adding category failed",403);
		}
		$this->ret();
		
	}
	
	public function cat_update($cat_id) {
		$this->check_logged(URBAN_ACCESS_ADMIN);
		
		$this->load->model('category');
		$this->load->model('language');
		
		//get multilingual cat names
		$names = array();
		$languages = $this->language->get_all();
		foreach ($languages as $language)
			$names[$language->id] = $this->input->post($language->id);

		//get cat parent
		$parent_id = $this->input->post('parent_id');
		if ($parent_id == 'null')
			$parent_id = NULL;
		else if (!preg_match('/^\d+$/', $parent_id) )
			error('Parent id must be a number','Adding category failed',403);
		
		//get color
		$color = $this->input->post('color');
		if (!preg_match('/^[0-9a-fA-F]{6}$/', $color))
			error('Color must be 6 hex characters','Adding category failed',403);
		
		try {
			$this->category->update($cat_id,$names,$parent_id,$color);
		} catch (Exception $e) {
			error($e->getMessage(),"Updating category failed",403);
		}
		$this->ret();
		
	}

	public function cat_delete($cat_id) {
		$this->check_logged(URBAN_ACCESS_ADMIN);
		
		$this->load->model('category');
		
		try {
			$this->category->delete($cat_id);
		} catch (Exception $e) {
			error($e->getMessage(),"Deleting category failed",403);
		}
		$this->ret();
					
	}
	

	
}?>